/* -*-c-*-
*
- * $Id: keyset.c,v 1.6 2003/04/06 10:26:35 mdw Exp $
+ * $Id: keyset.c,v 1.7 2003/05/17 11:00:47 mdw Exp $
*
* Handling of symmetric keysets
*
/*----- Revision history --------------------------------------------------*
*
* $Log: keyset.c,v $
+ * Revision 1.7 2003/05/17 11:00:47 mdw
+ * Don't make scary messages just because one key didn't work on a message:
+ * only be frightened if they all fail. Set initial keyset refcount
+ * correctly.
+ *
* Revision 1.6 2003/04/06 10:26:35 mdw
* Report peer name on decrypt errors.
*
})
h->ops->destroy(h);
if (!eq) {
- a_warn("incorrect MAC on packet from `%s'", p_name(ks->p));
IF_TRACING(T_KEYSET, {
- trace(T_KEYSET, "keyset: decryption failed");
+ trace(T_KEYSET, "keyset: incorrect MAC: decryption failed");
trace_block(T_CRYPTO, "crypto: expected MAC", pmac, MACSZ);
})
return (-1);
#undef GETHASH
T( ks->seq = seq++; )
+ ks->ref = 1;
ks->t_exp = now + T_EXP;
ks->sz_exp = SZ_EXP;
ks->oseq = ks->iseq = 0;
return (dosequence(ks, seq));
}
}
- T( trace(T_KEYSET, "keyset: no matching keys"); )
+ T( trace(T_KEYSET, "keyset: no matching keys, or incorrect MAC"); )
return (-1);
}